package com.mce.nebula.controller;

import com.mce.nebula.dto.ApiResponse;
import com.mce.nebula.service.PermissionService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.util.Map;

/**
 * 权限管理控制器
 * 对应Python的InitPerms
 */
@Slf4j
@RestController
@RequestMapping("/api/permissions")
@Tag(name = "权限管理", description = "权限初始化和管理相关接口")
@RequiredArgsConstructor
public class PermissionController {
    
    private final PermissionService permissionService;
    
    @PostMapping("/init")
    @Operation(summary = "初始化权限", description = "初始化团队权限设置")
    @PreAuthorize("hasRole('ADMIN')")
    public ResponseEntity<ApiResponse<Void>> initPermissions(
            @RequestParam(required = false) String enterpriseId,
            @RequestParam(required = false) String tenantId) {
        try {
            permissionService.initPermissions(enterpriseId, tenantId);
            return ResponseEntity.ok(ApiResponse.success(null, "权限初始化成功"));
        } catch (Exception e) {
            log.error("Failed to init permissions", e);
            return ResponseEntity.badRequest()
                .body(ApiResponse.error(400, e.getMessage()));
        }
    }
}
